Public key used to sign RFP bundles and release artifacts produced by CollabPlan. Chave pública usada para assinar artefatos publicados pela CollabPlan.
AAE8 3A53 5FA9 BD20 2608 4BF3 57DC 8CFA 53F5 324D
<code@collabplan.ai>
ed25519 — created 2026-05-04 — signing subkey expires 2027-05-04 (renewed annually)
curl -fsSLO https://keys.collabplan.ai/code-collabplan-pubkey.asc gpg --import code-collabplan-pubkey.asc gpg --fingerprint code@collabplan.ai
The fingerprint reported by gpg --fingerprint must match the value above.
gpg --auto-key-locate wkd --locate-keys code@collabplan.ai
Resolves automatically via openpgpkey.collabplan.ai (WKD-Advanced). No manual URL handling.
gpg --verify rfp-bundle-canonical.bundle.sig rfp-bundle-canonical.bundle
Output should report Good signature from "<code@collabplan.ai>" with the fingerprint above. Any other fingerprint, or a BAD signature result, means do not trust the artifact.
The UID salvatoregx@collabplan.ai on Salvatore's
personal key is discoverable here via WKD lookup:
gpg --auto-key-locate wkd --locate-keys salvatoregx@collabplan.ai
For the full personal identity (all UIDs, ASCII-armored, archived revoked keys, transition statements), see the canonical channel at keys.salvatoregx.com.br.